Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C4976C9EAA11F08AA61D90DAE4EC9C.roa
File: C9C4976C9EAA11F08AA61D90DAE4EC9C.roa (raw, json)
Hash identifier: 59cDXo9h8D6163enhUFGt8rxVXplnIZ4wEkee9xZbbI=
Subject key identifier: 2E:6C:CF:D1:EC:8C:6B:43:7A:C5:F7:4E:A1:BA:DE:72:5C:18:4F:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C4976C9EAA11F08AA61D90DAE4EC9C.roa
Signing time: Wed 01 Oct 2025 09:41:22 +0000
ROA not before: Wed 01 Oct 2025 09:41:17 +0000
ROA not after: Fri 14 Nov 2025 09:41:17 +0000
asID: 21859
IP address blocks: 154.194.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106987 (0x1a1eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 1 09:41:17 2025 GMT
Not After : Nov 14 09:41:17 2025 GMT
Subject: CN=68dcf742-0afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:de:16:a8:8d:0b:78:e1:8e:d8:48:fa:32:
0b:4b:57:ce:2e:14:57:ff:d1:ed:db:6f:f3:b1:a3:
1e:94:60:1a:50:eb:2f:9c:d4:8c:8a:56:12:ca:c7:
6f:b2:52:81:a8:af:0c:18:f9:cc:39:a9:82:f8:96:
cd:a7:58:90:cd:28:76:bb:45:fc:52:e3:46:99:1d:
82:70:80:c0:e5:64:cc:7f:87:c4:62:39:5c:ae:01:
71:76:e7:20:c2:b2:6f:17:21:ab:c0:02:3a:23:32:
3e:3a:3a:a5:eb:0b:2b:79:f0:89:ce:48:05:bc:1c:
6e:40:7e:f4:bb:6e:3f:58:db:da:d9:b0:0b:22:4f:
f9:af:31:69:dc:28:96:6c:cd:0c:a5:f5:66:5b:ec:
a9:73:d4:5d:68:5f:ef:97:ca:25:2e:92:9a:98:3a:
c2:fd:b3:13:f5:e7:cc:a5:a2:2f:c0:f8:63:a8:d7:
95:04:f1:da:cd:df:23:de:b1:a1:3c:52:36:32:cb:
1e:e3:e4:e8:41:df:2a:99:78:4d:e4:54:4c:ea:f5:
35:6e:59:11:a0:0b:d6:64:ba:d5:cb:7b:94:b5:f2:
f6:38:b0:aa:0a:b1:eb:ae:33:f8:da:6f:1a:18:4a:
71:4d:16:b5:02:7f:84:c6:97:a3:e7:ae:98:b9:54:
c8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6C:CF:D1:EC:8C:6B:43:7A:C5:F7:4E:A1:BA:DE:72:5C:18:4F:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C4976C9EAA11F08AA61D90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:34:cb:9c:1e:4d:1e:fc:1b:26:5e:ce:d1:d1:72:55:02:9b:
8a:7a:e6:d2:c2:e3:c4:5a:2c:90:c1:51:cc:66:2b:69:7f:29:
ae:e4:70:d8:71:52:75:01:87:b5:19:9b:54:05:a9:56:85:4c:
a8:61:07:3e:07:8c:a1:b4:89:60:93:ef:6f:64:13:dc:7b:73:
21:14:a8:f8:76:5a:b1:32:56:8d:83:11:f2:e6:50:bb:70:00:
3a:4f:3f:0c:9c:ab:67:cc:3d:6b:30:e7:29:df:1e:a9:b8:3f:
68:84:38:74:4e:16:9a:85:71:9a:4a:77:3d:0f:e4:54:7e:a2:
77:1b:bd:a1:42:08:fd:e4:67:b0:7b:ff:9f:21:92:58:75:d2:
31:c8:1e:41:80:07:80:1f:25:ec:7b:71:ee:17:d5:28:dd:53:
ce:84:c1:f7:79:17:38:8a:7f:0f:ad:6f:04:aa:b0:ad:72:53:
d2:f7:6f:d9:c3:26:b7:be:40:4d:d7:d3:6b:13:5d:c7:6b:eb:
b6:a1:7f:e0:0a:da:52:58:ad:ca:3c:b9:0c:1e:e1:bc:13:49:
a0:be:f2:0e:3a:cb:2d:e3:6e:9c:f5:e7:c1:fb:1a:89:90:5c:
87:e3:db:ad:f7:9b:94:f1:bc:f4:ce:86:f8:a9:fd:bb:e3:0f:
3f:e8:04:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaHrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAxMDk0MTE3WhcNMjUxMTE0MDk0MTE3WjAYMRYw
FAYDVQQDEw02OGRjZjc0Mi0wYWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMXeFqiNC3jhjthI+jILS1fOLhRX/9Ht22/zsaMelGAaUOsvnNSMilYS
ysdvslKBqK8MGPnMOamC+JbNp1iQzSh2u0X8UuNGmR2CcIDA5WTMf4fEYjlcrgFx
ducgwrJvFyGrwAI6IzI+Ojql6wsrefCJzkgFvBxuQH70u24/WNva2bALIk/5rzFp
3CiWbM0MpfVmW+ypc9RdaF/vl8olLpKamDrC/bMT9efMpaIvwPhjqNeVBPHazd8j
3rGhPFI2Msse4+ToQd8qmXhN5FRM6vU1blkRoAvWZLrVy3uUtfL2OLCqCrHrrjP4
2m8aGEpxTRa1An+Expej566YuVTIOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC5s
z9HsjGtDesX3TqG63nJcGE8+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUM0OTc2QzlFQUExMUYwOEFBNjFEOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI4MA0GCSqGSIb3DQEB
CwUAA4IBAQA/NMucHk0e/BsmXs7R0XJVApuKeubSwuPEWiyQwVHMZitpfymu5HDY
cVJ1AYe1GZtUBalWhUyoYQc+B4yhtIlgk+9vZBPce3MhFKj4dlqxMlaNgxHy5lC7
cAA6Tz8MnKtnzD1rMOcp3x6puD9ohDh0ThaahXGaSnc9D+RUfqJ3G72hQgj95Gew
e/+fIZJYddIxyB5BgAeAHyXse3HuF9Uo3VPOhMH3eRc4in8PrW8EqrCtclPS92/Z
wya3vkBN19NrE13Ha+u2oX/gCtpSWK3KPLkMHuG8E0mgvvIOOsst426c9efB+xqJ
kFyH49ut95uU8bz0zob4qf274w8/6ASC
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:02 2025 by rpki-client